Symantec Won't Allow Third-Party Government Reviews Of Its Security Software

Symantec said it would no longer allow governments to review its software, a move that comes as competitors in the security space face backlash for their reported cooperation with third-party government reviews.  

Reuters reported that Symantec CEO Greg Clark said the company would no longer allow the reviews, which it previously had permitted in exchange for being able to do business in certain countries. Clark said the trade-off of a new market was not with the loss of customer confidence and potential risk a review would allow. Countries pushing for third-party government reviews of security software before it can be sold in the country include Russia and China. 

"We just have taken a policy decision to say, 'Any foreign government that wants to read our source code, the answer is no.'" Clark told Reuters.

[Related: Kaspersky Lab Partners Put In Tough Position As Public Sector Pressure Mounts Over Russia Allegations]

Reuters said the company stopped third-party government reviews at the beginning of 2016 but has not publicly addressed the reasoning behind the issue until now. 

Sarah Isaacs, a managing partner of Chicago-based Symantec partner Conventus, said in an email to CRN that she thinks the move will help keep customers more secure.

"We think this is a solid move towards ensuring Symantec software remains secure and will certainly help foster our customer's confidence in Symantec solutions," Isaacs said.

The comments come after multiple security vendors face backlash for their alleged involvement with foreign governments. Most notably, Kaspersky Lab – which directly competes with Symantec – has faced an ongoing saga, in which the federal government claims the security vendor has inappropriate ties to the Russian government, allowing for potential backdoors in its software. Kaspersky, which is globally headquartered in Moscow, denies these claims vehemently.

As a result of the allegations, Kaspersky has been removed from the GSA Schedule, and the Department of Homeland Security said in a directive that all Kaspersky products must be removed from federal networks. Private sector companies, such as Best Buy, are also pulling the company's consumer software from their retail shelves.

Kaspersky isn't the only company taking heat for third-party government reviews. Reuters reported earlier this month that HPE allows for review of its ArcSight software (now owned by Micro Focus) by a Russian defense agency. It said the reviews have been going on for years, though HPE said they occurred at an accredited HPE R&D center. 

Read more articles on: